The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
While MSPs have been making significant investments in security and offering services, it is a challenge to keep up with the frequency and evolving sophistication of today’s cybersecurity threats. Defense in Depth (DiD) is the foundation on which most MSPs have built a layered security approach for dealing with them.
You have to capture everything to investigate security issues thoroughly, right? More often than not, data that at one time was labeled irrelevant and thrown away is found to be the missing piece of the puzzle when investigating a malicious attacker or the source of an information leak. So, you need to capture every network packet.
Cybersecurity continues to be a thorny problem for businesses and government agencies as breaches, disruptions, and data thefts continue to escalate. To help ensure that the growing number of government and private organizations implementing Kubernetes solutions have the highest possible levels of security, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) have issued guidelines for hardening the security of Kubernetes implementations.
Multi-Factor Authentication (MFA) provides an enhanced security mechanism for your entire organization by requiring multiple methods of authentication credentials. Using traditionally managed passwords for accessing your apps, services, and networks is no longer a secure methodology. Indeed, cyber threats are on the rise. Hackers today employ sophisticated techniques such as spear-phishing or pharming to gain unauthorized access to corporate accounts.
Which cultural values empower businesses to thrive today? That's an open question, of course. But I suspect most employees, managers, and analysts would include items like collaboration, transparency, and creativity on the list of essential ingredients in business success. Indeed, you could argue that these values are at the core of a variety of modern organizational and technical innovations, from DevOps (which is all about collaboration) to open source software (which centers on collaboration and transparency) and the creator/maker movement (which is, of course, all about creativity).
This article explores how to secure production Kubernetes clusters with the help of open source tools. As a prerequisite, you’ll need to have basic beginner-level knowledge of Docker and Kubernetes. In a nutshell, Kubernetes is a container orchestration tool and Docker is a containerization platform. Some of the most famous Kubernetes clusters managed by cloud providers include AWS EKS, Azure AKS, and Google CKE.
We’ve said it before, and we’ll say it again: Security Orchestration, Automation and Response (SOAR) platforms are great tools for helping teams work smarter, faster, and more efficiently against security risks. But, used on their own, SOARs are far from perfect for meeting the full security needs of the modern organization.
The Project Calico community is one of the most collaborative and supportive communities in the open-source space. Our community has shown great engagement through the years, which has helped us maintain and grow the project. Thanks to our 200+ contributors from all over the world, Calico Open Source (the solution born out of the project) is powering 1.5M+ nodes daily across 166 countries.
AWS announced CloudTrail Lake on January 5th, 2022, as a fully-managed solution for storing and querying CloudTrail logs. At first glance, it is straightforward to set up, can be enabled for all your organization’s accounts with a radio button, and keeps data for up to seven years by default! It’s a huge time saver and headache eliminator for many, as getting CloudTrail from all organization accounts to a SIEM can be tedious and time-consuming. But all this comes with a cost.
